-
Notifications
You must be signed in to change notification settings - Fork 320
79 lines (65 loc) · 2.92 KB
/
on_push.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
name: Push To Master
on:
push:
branches:
- master
- klayers-default
- klayers-dev
jobs:
build:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
# if: github.event.pull_request.merged == true # only if merged
steps:
- name: Set up Git repository
uses: actions/checkout@v3
- name: Set AWS Environment variable based on branch
run: |
if [ ${{ github.ref }} == refs/heads/klayers-default ]
then
echo AWS_ENV=Klayers-defaultp38 >> $GITHUB_ENV
elif [ ${{ github.ref }} == refs/heads/klayers-dev ]
then
echo AWS_ENV=Klayers-devp38 >> $GITHUB_ENV
elif [ ${{ github.ref }} == refs/heads/master ]
then
echo AWS_ENV=Klayers-prodp38 >> $GITHUB_ENV
else
exit 1
fi
APP_NAME=$(cat ./pipeline/Terraform/terraform.tfvars.json | jq -r '.app_name')
echo APP_NAME=$APP_NAME >> $GITHUB_ENV
shell: bash
- name: Get AWS configuration
run: |
GITHUB_ROLE_ARN=$(cat ./.github/workflows/role_arns.json | jq -r --arg arg $AWS_ENV '.github_role_arn | .[$arg]')
AWS_REGION=$(cat ./pipeline/Terraform/terraform.tfvars.json | jq -r --arg arg $AWS_ENV '.aws_region | .[$arg]')
echo AWS_ROLE_ARN=$GITHUB_ROLE_ARN >> $GITHUB_ENV
echo AWS_DEFAULT_REGION=$AWS_REGION >> $GITHUB_ENV
shell: bash
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1-node16
with:
aws-region: ${{ env.AWS_DEFAULT_REGION }}
role-to-assume: ${{ env.AWS_ROLE_ARN }}
role-duration-seconds: 1200
role-session-name: on-push-klayers-${{ env.AWS_ENV }}
- name: Bucket Parameter
run: |
BUCKET_PARAMETER_SUFFIX=$(cat ./pipeline/Terraform/terraform.tfvars.json | jq -r '.s3bucket_config_parameter_name_suffix')
echo CONFIG_BUCKET_PARAMETER_NAME=/$APP_NAME/$AWS_ENV/$BUCKET_PARAMETER_SUFFIX >> $GITHUB_ENV
- name: Get Bucket name
run: |
export CONFIG_BUCKET_NAME=$(aws ssm get-parameter --name $CONFIG_BUCKET_PARAMETER_NAME | jq -r ".Parameter.Value")
echo CONFIG_BUCKET_NAME=$CONFIG_BUCKET_NAME >> $GITHUB_ENV
- name: Upload new configuration to S3
run: |
CONFIG_DIR=$(cat ./pipeline/Terraform/terraform.tfvars.json | jq -r --arg arg $AWS_ENV '.config_dir | .[$arg]')
echo $CONFIG_DIR
aws s3 cp $CONFIG_DIR s3://$CONFIG_BUCKET_NAME --recursive
- name: Invoke Pipeline with entire github event
run: |
STATE_MACHINE_ARN=$(aws ssm get-parameter --name "/gh-push/$AWS_ENV/PipelineArn" | jq -r ".Parameter.Value")
aws stepfunctions start-execution --state-machine-arn $STATE_MACHINE_ARN --input file://${{ github.event_path }}